W3C drafts privacy system

The consortium proposes a system that allows for sites to disclose their data-collection practices and lets users choose how much data to give away.

May 19, 19981:40 PM PDT

The World Wide Web Consortium (W3C)
today released a working
draft for a system that allows Net sites to seamlessly declare their
data-collection policies, while at the same time letting surfers decide
which personal details they are willing to give up in exchange for
goods and services.

The availability of such technologies aims to quell international online
privacy concerns--which federal
agencies and the White House
fear will hamper e-commerce. However, some consumer advocates argue that
products such as P3P don't enhance privacy, but rather help create an environment
in which people feel compelled to barter their names, email addresses, and
other demographics as a condition of using the Net.

When a site utilizing P3P is accessed, its data collection and privacy
practices are presented to a visitor's browser. Then, based on the surfer's
settings, which are imbedded in her Web browser, the site will
automatically register the user's personal preferences. It will know the following: what
personal information can be harnessed, whether it can track the visitor's
activity while she is on the site, and whether the site is authorized to share that data
with third parties or if the user wants to remain completely anonymous and
unmonitored.

At all times, individual sites and Net users can negotiate these boundaries.

For example, P3P notifies users when a site's practices don't mesh with
their preferences. A site could refuse to admit people unless they forfeit
certain data, users could agree to the conditions or leave, or the site
could offer an alternative.

On the other hand, Net users' default preferences may be set at "anonymous"
except for when they enter a subscription-based news site that requires
their user name and password. In those instances, users might tweak their
P3P settings to let a specific site grab their personal information, which
allows them to easily access the site.

"We're creating a platform for people to use to negotiate, communicate, and
decide on something that is beneficial for them. The way you set your
setting will have a big impact on your privacy," Joseph Reagle, P3P project
manager, said today.

"You set your generic preferences to what you generally feel comfortable
with, and then you grow your relationships with [Net sites]," he added.
"This is no different from how you grow trust in the real world."

Eventually, organizations will be able to recommend default P3P settings,
Reagle added, which Net users can easily integrate into their browsers.

Reagle suggested at least a three-tiered setting, the first of which lets
users stay completely anonymous. The second setting could allow a site
to monitor a user semi-anonymously to calculate traffic for advertisers, for
example. And a third setting might permit a site to use a numerical ID to
track a specific user's interests, such as a sports news site that gathers
headlines based on a person's favorite teams.

The working draft of the P3P 1.0 specification is now open for public
comment. In about six weeks, a revised version will be released so that
developers can begin working to implement P3P. The project hopes to issue
final recommendations by October.

It is no surprise the White House supports P3P. The administration is trying
to stave off regulation of e-commerce in the face of more than 50 Net
privacy bills pending in Congress and a
strict European Union privacy directive that
goes into effect this fall.

"I welcome this important new tool for privacy protection. It will empower
individuals to maintain control over their personal information while using
the World Wide Web," Gore said in a statement.

P3P does not include a similar system--the Open Profiling Standard--proposed by
Netscape, Internet tools maker Firefly
Network, and certificate authority VeriSign. OPS would let users store a
personal profile on their computer and then decide whether to disclose that
data to sites.

"P3P was initially focused on enabling the expression of privacy practices
and preferences. OPS's focus was on the secure storage, transport, and
control of user data," states the W3C.

But Reagle added that parts of OPS were reviewed when drafting today's
proposed P3P system. "There is nothing in P3P specifications that is OPS.
But there are things that the designers learned from OPS," he said.

Still, P3P and OPS are criticized by some privacy groups for catering to
marketers, services, and content providers, which in the interest of building
successful online businesses want to learn all they can about surfers. This
balance does not favor privacy, these consumer advocates argue.

"P3P is heading in the wrong direction. The best techniques for protecting
privacy are those that limit or eliminate the collection of personal
information," Marc Rotenberg, director of the Electronic Privacy Information Center, said
today.

"P3P makes it very easy for Web sites to turn away people who won't give up
their information. We don't think that is the right approach," he added.
"People need a very simple uniform privacy standard that uses protocols, based
on encryption [for example], that allow them to be completely anonymous."

The W3C's Reagle said the flexibility of the marketplace and consumer
demand will ultimately decide this privacy debate, not the technology
itself. "I don't know how the balancing act plays out, but P3P doesn't
swing it one way or the other," he said.

Despite concerns, a list of influential online companies and government
officials are behind P3P, increasing the likelihood that it will be embraced.

"Currently, legislation is uneven in its ability to provide this
protection. Solutions like P3P, developed through consensus, mean that
privacy on the Net can be improved right now," Ann Cavoukian, an Ontario
Information and Privacy Commissioner, said in a statement.